Routing Experiments Chen-Nee Chuah, Sonia Fahmy, Denys Ma,

Routing Experiments Chen-Nee Chuah, Sonia Fahmy, Denys Ma,
Cyber DEfense Technology Experimental Research (DETER) Network Evaluation Methods for Internet Security Technology (EMIST) USC Information Sciences Institute  University of California, Berkeley  University of California, Davis  Penn State University Purdue University  International Computer Science Institute  Stanford Research Institute (SRI)  Network Associates  SPARTA Routing Experiments Chen-Nee Chuah, Sonia Fahmy, Denys Ma, Patrick McDaniel, Sandy Murphy, Soon-Tee Teoh, Shih-Ming Tseng, S. Felix Wu, Fan Zhao, Ke Zhang 09/28/2005 Newport Beach, California

Newport Beach, California
Research Objectives Realistic Internet routing experiments with configurable parameters Study, analyze, evaluate, & validate hypothesis/principles related to Internet routing and its security 09/28/2005 Newport Beach, California

The “Internet” as September 26, 2005
20464 Autonomous Systems ??? BGP Routers IP Address Prefixes announced 09/28/2005 Newport Beach, California

Simulation versus Emulation
Simulation  large-scale but might abstracting away low level characteristics. Emulation  experimenting realistic implementations and observing the “unexpected” Implementation differences Analyzing/interpreting the interactions May help in accomplishing better simulation tasks in BGP. 09/28/2005 Newport Beach, California

A Little Dampening Story
SSFNet Zebra Cisco per prefix + per peer per prefix + per peer + per AS path 09/28/2005 Newport Beach, California

MRAI Timer Minimum Route Advertisement Interval
Default: 30 seconds  convergence Adaptive MRAI timer (RPI, Globecom’04) 30 seconds  5 seconds  0 seconds 09/28/2005 Newport Beach, California

Interactions/Dynamics
Failures/faults/attacks Mobility/configuration/policy changes Cross-layer interactions EGP versus IGP 09/28/2005 Newport Beach, California

Routing Experiments on DETER in 2005
BGP + P2P BGP + OSPF BGP + intention-driven iTrace + DDoS BGP + Network Mobility + OASC We have enjoyed very much many very frustrating and then exciting moments. 09/28/2005 Newport Beach, California

09/28/2005 Newport Beach, California

AS-117 AS-112 AS-121 AS-113 AS-101 AS-114 09/28/2005 Newport Beach, California

Collecting the Results in 2004
show IP BGP … 1 peer (SPRINT) Full Routing Table (9MB compressed) BGP Updates (2 hours KB) ~29 MB uncompressed routing table snapshot per router per 3 minutes 09/28/2005 Newport Beach, California

Collecting the Results in 2005
show IP BGP … updates -- MRT 1 peer (SPRINT) Full Routing Table (9MB compressed) BGP Updates (2 hours KB) selected prefixes per router per 1 second 09/28/2005 Newport Beach, California

AS-117 /8 AS-112 AS-121 AS-113 AS-114 AS-101 09/28/2005 Newport Beach, California

AS-117 /8 mobility AS-112 AS-121 AS-113 AS-114 AS-101 09/28/2005 Newport Beach, California

117 112 101 113 121 114 /8 09/28/2005 Newport Beach, California

AS-121  AS-117 Very comment in Internet operations One Transition of /8 AS-121  withdraw Tw AS-117  announce Ta Tw  Ta prefix unreachable Ta  Tw multi-homing, OASC convergence and instability multiple instances in a short period of time 09/28/2005 Newport Beach, California

117 112 101 113 121 114 Routing dynamics occurred! 09/28/2005 Newport Beach, California

117 112 101 113 121 114 AS-117 announced AS-121 withdrawn OASC 09/28/2005 Newport Beach, California

117 112 101 113 121 114 09/28/2005 Newport Beach, California

117 112 101 113 121 114 AS-117 announced AS-121 withdrawn OASC 09/28/2005 Newport Beach, California

AS 101 Multi homing ===================================================== Wed Sep 28 02:26:00 PDT 2005 ===================================================== Paths: (3 available, best #3, table Default-IP-Routing-Table) Advertised to non peer-group peers: from ( ) Origin IGP, localpref 100, valid, external Last update: Wed Sep 28 02:13: from ( ) Origin IGP, localpref 100, valid, external Dampinfo: penalty 543, flapped 1 times in 00:13:05 Last update: Wed Sep 28 02:25: from ( ) Origin IGP, localpref 100, valid, external, best Last update: Wed Sep 28 02:13: 09/28/2005 Newport Beach, California

AS 101 Multi homing ===================================================== Wed Sep 28 02:26:00 PDT 2005 ===================================================== Paths: (3 available, best #3, table Default-IP-Routing-Table) Advertised to non peer-group peers: from ( ) Origin IGP, localpref 100, valid, external Last update: Wed Sep 28 02:13: from ( ) Origin IGP, localpref 100, valid, external Dampinfo: penalty 543, flapped 1 times in 00:13:05 Last update: Wed Sep 28 02:25:  from ( ) Origin IGP, localpref 100, valid, external, best Last update: Wed Sep 28 02:13: 09/28/2005 Newport Beach, California

AS 113 only one available route ===================================================== Wed Sep 28 02:26:00 PDT 2005 ===================================================== Paths: (3 available, best #1, table Default-IP-Routing-Table) Advertised to non peer-group peers: 121 from ( ) Origin IGP, metric 0, localpref 100, valid, external, best Last update: Wed Sep 28 02:12: , (history entry) from ( ) Origin IGP, localpref 100, external Dampinfo: penalty 545, flapped 1 times in 00:13:02 Last update: Wed Sep 28 02:04: , (history entry) from ( ) Origin IGP, localpref 100, external Dampinfo: penalty 545, flapped 1 times in 00:13:02 Last update: Wed Sep 28 02:04: 09/28/2005 Newport Beach, California

117 112 101 113 121 114 AS-121 withdrawn AS-117 announced AS-121 withdrawn AS-117 withdrawn OASC 09/28/2005 Newport Beach, California

117 112 101 113 121 114 AS-117 announced AS-117 withdrawn 09/28/2005 Newport Beach, California

AS 112 got the best route from AS101 ===================================================== Wed Sep 28 02:26:00 PDT 2005 ===================================================== Paths: (2 available, best #1, table Default-IP-Routing-Table) Advertised to non peer-group peers: 117 from ( ) Origin IGP, metric 0, localpref 100, valid, external, best Last update: Wed Sep 28 02:25: from ( ) Origin IGP, localpref 100, valid, external Last update: Wed Sep 28 02:13: ================================================= 09/28/2005 Newport Beach, California

Intensive Mobility 09/28/2005 Newport Beach, California

BGP Events: Causality and Correlation
Causality Relationship among each individual BGP event (across different routers/ASes) Critical to simply understand/correlate BGP behavior Discovery new types of relationships (or filter/correct false causality in experiments) Important for generating/replaying realistic BGP events Using emulation to verify the causality Maybe also with commercial routers (e.g., Juniper) 09/28/2005 Newport Beach, California

Intention-Driven iTrace on BGP
using BGP as a global signaling mechanism 09/28/2005 Newport Beach, California

Intention-Driven iTrace on BGP

BGP Routing Update Visualization

Per-RT-Snapshot OASC 09/28/2005 Newport Beach, California

Per-Update OASC 09/28/2005 Newport Beach, California

Experience Designing/running experiments on DETER is a relatively productive process. 1~2 weeks Explaining the “events” has been really fun for us Lots of anomalies due to different root causes DETER offers a nice platform to replay for the purpose of investigation A challenging issue  link with Route View and other PREDICT data 09/28/2005 Newport Beach, California

Acknowledgements Thank the DETER operational team, even on Saturday when we were crying!! Thank the EMIST Routing colleagues at: 09/28/2005 Newport Beach, California

Routing Experiments Chen-Nee Chuah, Sonia Fahmy, Denys Ma,

Similar presentations

Presentation on theme: "Routing Experiments Chen-Nee Chuah, Sonia Fahmy, Denys Ma,"— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Routing Experiments Chen-Nee Chuah, Sonia Fahmy, Denys Ma,

Similar presentations

Presentation on theme: "Routing Experiments Chen-Nee Chuah, Sonia Fahmy, Denys Ma,"— Presentation transcript:

Similar presentations

About project

Feedback